STIGQter: STIG Summary: McAfee MOVE AV Multi-Platform 4.5 Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 27 Jul 2018: STIGQter: STIG Summary: McAfee MOVE AV Multi-Platform 4.5 Security Technical Implementation Guide Version: 1 Release: 2 Benchmark Date: 27 Jul 2018:SV-93271r1_rule
V-78565
MV45-SVM-000002
MV45-SVM-000002
CAT II
10
Access the ePO server. From the system tree, select the "Systems" tab and find and click on the asset representing the McAfee MOVE SVM to open its properties. Click on Actions >> Agent >> Modify Tasks on a Single System.
Click Actions >> New Client Task Assignment.
Under "Product", select "McAfee Agent".
Under "Task Type", select "Product Deployment".
Under "Task Name", select "Create New Task".
Next to "Task Name", enter "Deploy VSE to MOVE SVM".
Next to "Target Platforms", ensure only Windows is selected.
In the drop-down box for "Products and components", select "VirusScan Enterprise 8.8.0.x" and ensure the drop-down box for "Action" is set to Install.
Click "Save".
Click "Next".
For the "Schedule status:", select "Enabled".
Configure the schedule variable in accordance with local Change Control policy and click "Next".
On the "Summary" tab, click "Save" and then "Close".
Back at the "Systems Information" screen, click on the "Wake Up Agents" button.
In the "Wake Up McAfee Agent" screen, for the "Force policy update:" settings, select the "Force complete policy and task update" check box.
Click "OK".
Access the server designated as the McAfee MOVE SVM. In the taskbar, right-click the red McAfee Agent shield and select "About".
Under "McAfee Agent", ensure "Last agent-to-server communication:" is within the time period designated by the "Agent to Server Communication Interval".
Ensure the "McAfee VirusScan Enterprise + AntiSpyware Enterprise" is listed as an installed product.
Ensure the version number is "8.8.0" or higher.
To use an alternative method for validating: From the ePO server console system tree, select the "Systems tab" and find and click on the asset representing the McAfee MOVE SVM to open its properties.
Under the "System Properties" tab, ensure the "Last communication" is within the time period designated by the "Agent-to-Server Communication Interval:" under the "McAfee Agent" tab.
Under the "System Properties" tab, next to the "Installed Products" field, ensure VirusScan Enterprise 8.8.0.x is listed as an installed product.
Ensure the "Product Version" for VirusScan Enterprise is listed as "8.8.0" or higher.
If VirusScan Enterprise 8.8.0 or higher is not installed and/or the "Last communication" to the ePO server is not within the specified Agent-to-Server Communication interval, this is a finding.
V-78565
False
MV45-SVM-000002
Access the server designated as the McAfee MOVE SVM. In the taskbar, right-click the red McAfee Agent shield and select "About".
Under "McAfee Agent", ensure "Last agent-to-server communication:" is within the time period designated by the "Agent to Server Communication Interval".
Ensure the "McAfee VirusScan Enterprise + AntiSpyware Enterprise" is listed as an installed product.
Ensure the version number is "8.8.0" or higher.
To use an alternative method for validating: From the ePO server console system tree, select the "Systems tab" and find and click on the asset representing the McAfee MOVE SVM to open its properties.
Under the "System Properties" tab, ensure the "Last communication" is within the time period designated by the "Agent-to-Server Communication Interval:" under the "McAfee Agent" tab.
Under the "System Properties" tab, next to the "Installed Products" field, ensure VirusScan Enterprise 8.8.0.x is listed as an installed product.
Ensure the "Product Version" for VirusScan Enterprise is listed as "8.8.0" or higher.
If VirusScan Enterprise 8.8.0 or higher is not installed and/or the "Last communication" to the ePO server is not within the specified Agent-to-Server Communication interval, this is a finding.
M
3233